Skip to Main Content
← Back to Jobs

Consultant - Forensics Cybersecurity Researcher

Microsoft Mountain View, CA
  • Expired: 21 days ago. Applications are no longer accepted.

Do you want to join the Detection and Response Team (DART) as a Cybersecurity Researcher?


Do you have a passion for helping Microsoft’s clients defend themselves against targeted attack? Are you interested in being intimately involved in the latest, cutting-edge developments in the security industry, communicating with security industry leaders, and having a direct impact on the security of all Microsoft customers? Do you want to be on the front lines of helping our customers assess their security posture?


If so, you might be a candidate for the Microsoft Cybersecurity Detection and Response Team (DART) as a Cybersecurity Researcher.


We are looking for a Cybersecurity Researcher with a strong, experienced security background to join our team delivering remote point-in-time cybersecurity assessment that provides our worldwide enterprise customers with a deeper understanding of their security posture.



The Cybersecurity Researcher works as part of a team assisting our top customers with:

  • Discovering attacker persistence (if present)
  • Determining attacker activity on known compromised systems
  • Identifying potential threats – allowing for proactive defense before an actual incident
  • Providing recommendations to improve cybersecurity posture going forward
  • Performing knowledge transfer to prepare customers to defend against today’s threat landscape


A BS in Computer Science or Engineering or comparable experience in a related discipline with 3+ years of related work experience along with the following:

  • Proven knowledge of security fundamentals across Microsoft platforms (Client, Server, Cloud)
  • Basic understanding of malware and threat landscape
  • 2+ years of on-site incident response experience
  • 2+ years of host and network forensics experience
  • 2+ years of responding to security events including onsite analysis, cyber crime and APT activity. 
  • Excellent oral and written communication skills including concisely communicating status and creating customer reports and presentations
  • Basic understanding of SQL

Experience with some of the following is a distinct advantage:

  • Consulting background
  • Active Directory subject matter expertise
  • Use of malware research tools
  • Microsoft Azure and/or Office 365 platform knowledge and experience
  • Experience with Log Analytics and Windows Defender ATP Advanced Analysis queries
  • Excellent understanding of Windows internals and where trace evidence can be found
  • Understanding of technology and security principles and possess knowledge of the cyber threat landscape
  • Proven experience in helping enterprises manage vulnerabilities, measure security, and ensure compliance
  • A desire to learn and grow, as well as a desire to help others do so
  • Knowledge of third-party cybersecurity solutions
  • CISSP certification or similar

If you are looking for a role that will allow you to use your knowledge and passion to strengthen the security posture of customers, you will have a bright future within our Microsoft’s Cybersecurity Detection and Response Team (DART). 



Travel is an integral part of this position as are high levels of recognition and visibility. Short notice travel with priority in the following order: EMEA, Asia Pacific and the Americas will likely be as 50% or higher as is demanded by the needs of our customers and our business. Position location is flexible.


Microsoft is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or any other characteristic protected by applicable laws, regulations and ordinances.  We also consider qualified applicants regardless of criminal histories, consistent with legal requirements. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request via the Accommodation request form.


Benefits/perks listed below may vary depending on the nature of your employment with Microsoft and the country where you work.



Mountain View, CA